DEAct: Concerns about copyright infringement evidence gathering

Consumer Focus have today written to the Motion Picture Association of America (MPAA) about the way the MPAA collect evidence of copyright infringement by individuals on P2P networks. The letter relates to a presentation the MPAA gave to Consumer Focus and security expert Dr Richard Clayton (also a member of Open Rights Group's advisory council), about the process they will be using for the US' 'six strike' copyright infringement process. In his analysis, Dr Clayton found a number of issues that could lead to errors in the gathering of evidence of infringement.

This is a really important intervention. As well as being used in the US for their 'six strike' regime, the MPAA intend to use this or a similar procedure for the Digital Economy Act process here. They'll be using this method to collect evidence of copyright infringement by people in the UK.

The reason it's really important to get the evidence gathering procedure right is two-fold. First, it's difficult to make sure the process identifies the right Internet connection, to ensure that letters are only sent to subscribers whose Internet connection was actually used to infringed copyright. As we know, an IP address does not identify a computer, or even the individual who has engaged in p2p filesharing, only the Internet connection.

And we're talking about a lot of letters. It is anticipated that up to 2 million copyright infringement reports will be submitted annually by the MPAA and BPI under the Digital Economy Act 2010. Second, being on the receiving end of these letters has consequences. (This is a process set out in the Initial Obligations Code - you can read our response to the consultation on this here).

To challenge an accusation of infringement, subscribers will have to pay £20 to appeal. If a subscriber receives three letters, they will be added to a list of repeat infringers. Copyright owners can then request the details of those subscribers, at which point they could take them to court. And after 12 months, the Government can bring in further technical measures against subscribers who have received three letters or more – “technical measures” can include the slowing of an Internet connection, or possibly disconnection*.

So getting the evidence gathering process right is important to make sure that subscribers are not wrongly sent letters, and then forced to pay £20 to prove their innocence.

Dr Clayton wrote an expert report, commissioned by Consumer Focus, to guide Ofcom in the implementation of the DEAct. That was published earlier in the summer, and is available from Consumer Focus' website.

Open Rights Group were copied in to the letters sent today, so we're making them available. You can read the letter that Chief Executive of Consumer Focus Mike O'Connor CBE sent to the MPAA here, and the letter Dr Richard Clayton sent to Consumer Focus with his full analysis here.

In his new analysis of the MPAA process as it stands, Dr Clayton found some weaknesses and makes some recommendations for how to fix them. Here's a summary of some key concerns.

1. Transparency. In our response to Ofcom on their revised Initial Obligations Code, we were one of those calling for transparency of the evidence gathering process. We suggested to Ofcom that those accused of infringement 'receive all the necessary information about the means used to obtain evidence'. Dr Clayton emphasises this in his letter to Consumer Focus. He says 'It is essential that the designs of monitoring systems can be independently reviewed and that the public should have the opportunity to understand how they work and why they are capable of precisely identifying the IP address of an unauthorised uploader".

2. Hygiene checks: Dr Clayton recommends that the MPAA conducts regular hygiene checks, to ensure that its monitoring system identifies not only IP addresses correctly, but also records the time of an alleged infringement correctly. This is important, because if the time of an alleged infringement is recorded incorrectly, an ISP may identify the wrong Internet subscriber. Dr Clayton explains “Of course I accept that the system design is intended to be foolproof, and that if my comments above about hygiene are taken on board then faulty components will be rapidly identified and fixed – nevertheless, it is in my view extremely unwise to assume that a system such as this will be operated without any errors ever occurring.”

3. A 'doctrine of perfection': Dr Clayton recommends an approach where the 'failure of an ISP to match an IP address to a subscriber account at the time of an alleged infringement should trigger an investigation into the cause of the error. There may be a systematic error, and in such a case all other IP addresses harvested in the same batch should be considered unreliable as a result.'

4. Automated identification: Dr Clayton highlights the issue of automated identification of content, which is not used by the MPAA, but is used by the BPI, which also attended the meeting. Dr Clayton explains that the BPI: "told us that for music it was common to use automated identification systems – doubtless based on the type of signal processing technology that is used in products such as those marketed by Audible Magic. Unfortunately, recent events have shown that fully automated systems can make patently incorrect decisions, and you might have read of the blocking of streamed video of the Mars lander, the Hugo awards and part of the Democratic National Convention. Therefore, I would be concerned to learn that automated systems were not supplemented by manual checks."

We wondered whether the MPAA had also shared their presentation and information with DCMS, the department responsible for the Digital Economy Act, and Ofcom, who are tasked with implementing it. We asked them both, and they told us they had not been given this presentation by the MPAA - although they have been copied in to these letters as well, so they now have the analysis from Dr Clayton.

* See this blog by Francis Davey from November 2010 (yes, this has been going on that long) on what the technical measures may involve.

Open Rights Group exists to preserve and promote your rights in the digital age. We are funded by thousands of people like you. We are based in London, United Kingdom. Open Rights is a non-profit company limited by Guarantee, registered in England and Wales no. 05581537.